package io.swiftconnect.swiftconnect_sdk.wavelynx.utilities;

import android.security.keystore.KeyGenParameterSpec;
import com.google.android.gms.stats.CodePackage;
import defpackage.C0088Fb;
import defpackage.Yi;
import java.io.ByteArrayInputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: Crypto.kt */
/* loaded from: classes.dex */
public final class Crypto {
    private static final String AES_MODE_M_OR_GREATER = "AES/GCM/NoPadding";
    private static final String ANDROID_KEY_STORE_NAME = "AndroidKeyStore";
    public static final Companion Companion;
    private static final byte[] NULL_GCM_IV;
    private static final Tree tree;
    private final String alias;

    /* compiled from: Crypto.kt */
    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(C0088Fb c0088Fb) {
            this();
        }

        public static /* synthetic */ byte[] externalDecrypt$default(Companion companion, byte[] bArr, byte[] bArr2, byte[] bArr3, int i, Object obj) {
            if ((i & 4) != 0) {
                bArr3 = companion.getNULL_GCM_IV();
            }
            return companion.externalDecrypt(bArr, bArr2, bArr3);
        }

        public static /* synthetic */ byte[] externalEncrypt$default(Companion companion, byte[] bArr, byte[] bArr2, byte[] bArr3, int i, Object obj) {
            if ((i & 4) != 0) {
                bArr3 = companion.getNULL_GCM_IV();
            }
            return companion.externalEncrypt(bArr, bArr2, bArr3);
        }

        public final byte[] ecdh(KeyPair keyPair, PublicKey publicKey) {
            Yi.f(keyPair, "keyPair");
            Yi.f(publicKey, "otherPublicKey");
            Crypto.tree.d("perform ecdh");
            Crypto.tree.d("our keypair " + keyPair.getPublic());
            Crypto.tree.d("their public key " + publicKey);
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
            keyAgreement.init(keyPair.getPrivate());
            keyAgreement.doPhase((ECPublicKey) publicKey, true);
            byte[] generateSecret = keyAgreement.generateSecret();
            Yi.e(generateSecret, "generateSecret(...)");
            return generateSecret;
        }

        public final byte[] externalDecrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) {
            Yi.f(bArr, "data");
            Yi.f(bArr2, "key");
            Yi.f(bArr3, "iv");
            Cipher cipher = Cipher.getInstance(Crypto.AES_MODE_M_OR_GREATER);
            cipher.init(2, new SecretKeySpec(bArr2, "AES"), new GCMParameterSpec(128, bArr3));
            byte[] doFinal = cipher.doFinal(bArr);
            Yi.e(doFinal, "doFinal(...)");
            return doFinal;
        }

        public final byte[] externalEncrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) {
            Yi.f(bArr, "data");
            Yi.f(bArr2, "key");
            Yi.f(bArr3, "iv");
            Cipher cipher = Cipher.getInstance(Crypto.AES_MODE_M_OR_GREATER);
            Yi.e(cipher, "getInstance(...)");
            cipher.init(1, new SecretKeySpec(bArr2, "AES"), new GCMParameterSpec(128, bArr3));
            byte[] doFinal = cipher.doFinal(bArr);
            Yi.e(doFinal, "doFinal(...)");
            return doFinal;
        }

        public final KeyPair generateEcPair() {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(new ECGenParameterSpec("secp256r1"));
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            Yi.e(generateKeyPair, "generateKeyPair(...)");
            return generateKeyPair;
        }

        public final byte[] getNULL_GCM_IV() {
            return Crypto.NULL_GCM_IV;
        }

        public final PublicKey publicKeyFromPem(byte[] bArr) {
            Yi.f(bArr, "pem");
            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
            Crypto.tree.d("cert " + generateCertificate);
            PublicKey publicKey = generateCertificate.getPublicKey();
            Yi.e(publicKey, "getPublicKey(...)");
            return publicKey;
        }
    }

    static {
        Companion companion = new Companion(null);
        Companion = companion;
        tree = new Tree(companion);
        NULL_GCM_IV = new byte[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
    }

    public Crypto(String str) {
        Yi.f(str, "alias");
        this.alias = str;
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
        Yi.e(keyStore, "getInstance(...)");
        keyStore.load(null);
        if (!keyStore.containsAlias(str)) {
            generateKeys();
            return;
        }
        tree.i("key exists for alias: " + str);
    }

    public static /* synthetic */ byte[] decrypt$default(Crypto crypto, byte[] bArr, byte[] bArr2, int i, Object obj) {
        if ((i & 2) != 0) {
            bArr2 = NULL_GCM_IV;
        }
        return crypto.decrypt(bArr, bArr2);
    }

    public static /* synthetic */ byte[] encrypt$default(Crypto crypto, byte[] bArr, byte[] bArr2, int i, Object obj) {
        if ((i & 2) != 0) {
            bArr2 = NULL_GCM_IV;
        }
        return crypto.encrypt(bArr, bArr2);
    }

    private final Key getSecretKey() {
        tree.d("get secret key: " + this.alias);
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
        Yi.e(keyStore, "getInstance(...)");
        keyStore.load(null);
        Key key = keyStore.getKey(this.alias, null);
        Yi.e(key, "getKey(...)");
        return key;
    }

    public final byte[] decrypt(byte[] bArr, byte[] bArr2) {
        Yi.f(bArr, "data");
        Yi.f(bArr2, "iv");
        Tree tree2 = tree;
        tree2.d(this.alias + " decrypting: " + ByteUtilsKt.toHexString(bArr) + " iv: " + ByteUtilsKt.toHexString(bArr2));
        Cipher cipher = Cipher.getInstance(AES_MODE_M_OR_GREATER);
        cipher.init(2, getSecretKey(), new GCMParameterSpec(128, bArr2));
        byte[] doFinal = cipher.doFinal(bArr);
        Yi.c(doFinal);
        tree2.d("plaintext: " + ByteUtilsKt.toHexString(doFinal));
        return doFinal;
    }

    public final byte[] encrypt(byte[] bArr, byte[] bArr2) {
        Yi.f(bArr, "data");
        Yi.f(bArr2, "iv");
        Tree tree2 = tree;
        tree2.d(this.alias + " encrypting: " + ByteUtilsKt.toHexString(bArr) + " iv: " + ByteUtilsKt.toHexString(bArr2));
        Cipher cipher = Cipher.getInstance(AES_MODE_M_OR_GREATER);
        Yi.e(cipher, "getInstance(...)");
        cipher.init(1, getSecretKey(), new GCMParameterSpec(128, bArr2));
        byte[] doFinal = cipher.doFinal(bArr);
        Yi.c(doFinal);
        tree2.d("cipher: " + ByteUtilsKt.toHexString(doFinal));
        return doFinal;
    }

    public final void generateKeys() {
        tree.i("generating Keystore key: " + this.alias);
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE_NAME);
        keyGenerator.init(new KeyGenParameterSpec.Builder(this.alias, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        keyGenerator.generateKey();
    }

    public final String getAlias() {
        return this.alias;
    }

    public final void removeKeys() {
        tree.d("Remove key value(s) for " + this.alias);
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
        Yi.e(keyStore, "getInstance(...)");
        keyStore.load(null);
        keyStore.deleteEntry(this.alias);
    }
}
